Schedule TCPDUMP with CRON

Why do I need to run tcpdump with cron?

Sometimes problems happen while we are sleeping and disappear without any intervention in the morning.
Unfortunately, we are then missing the diagnosis data needed to drive a proper root cause analysis.

And of course, even if we pray that those problems don't come back, they will come back.
So prepare yourself to take a tcpdump during the night and collect data! You can do it with the crontab!

What is needed?

The best option is to take the tcpdump with two scripts, both scheduled with the crontab:

First script to start the tcpdump

Second script to stop the tcpdump

Scripts

To get the tcpdump running, you can use the following command within your first bash script (you can also refer to my previous article):

    /usr/sbin/tcpdump -i "$SET_INTERFACE" -s0 -w "$SAVE_IN_FOLDER/$SAVE_AS_FILE"

To stop the tcpdump after a specific period of time you can use the following part in your second bash script:

Crontab
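
The start, stop and schedule steps together, as an added example that is not the author's scripts from the GitHub repository: a single file offering both actions, which records the tcpdump PID so the stop action signals only that capture. TCPDUMP_BIN, PID_FILE, the default values and the install path in the crontab comment are assumptions.

```bash
#!/bin/bash
# Added example, not the author's scripts. SET_INTERFACE, SAVE_IN_FOLDER and
# SAVE_AS_FILE follow the page; TCPDUMP_BIN, PID_FILE and all default values
# are assumptions.
TCPDUMP_BIN="${TCPDUMP_BIN:-/usr/sbin/tcpdump}"
SET_INTERFACE="${SET_INTERFACE:-eth0}"
SAVE_IN_FOLDER="${SAVE_IN_FOLDER:-/var/tmp/tcpdump}"
PID_FILE="${PID_FILE:-$SAVE_IN_FOLDER/tcpdump.pid}"

start_capture() {
    # -s0 writes full packet payloads, so keep the capture owner-readable only.
    umask 077
    mkdir -p "$SAVE_IN_FOLDER" || return 1
    # Refuse to start a second capture while the recorded one is still alive.
    if [ -f "$PID_FILE" ] && kill -0 "$(cat "$PID_FILE")" 2>/dev/null; then
        echo "capture already running (PID $(cat "$PID_FILE"))" >&2
        return 1
    fi
    SAVE_AS_FILE="${SAVE_AS_FILE:-capture_$(date +%Y%m%d_%H%M%S).pcap}"
    "$TCPDUMP_BIN" -i "$SET_INTERFACE" -s0 \
        -w "$SAVE_IN_FOLDER/$SAVE_AS_FILE" >/dev/null 2>&1 &
    # Record the PID so the stop action can target exactly this process.
    echo "$!" > "$PID_FILE"
}

stop_capture() {
    [ -f "$PID_FILE" ] || { echo "no PID file, nothing to stop" >&2; return 1; }
    pid="$(cat "$PID_FILE")"
    rm -f "$PID_FILE"
    # SIGTERM lets tcpdump flush and close the pcap file; signal only the
    # recorded PID rather than every tcpdump on the host.
    kill -TERM "$pid" 2>/dev/null
}

# Constructed crontab entries for root (install path is an assumption):
#   0 1 * * * /usr/local/sbin/tcpdump-cron.sh start
#   0 5 * * * /usr/local/sbin/tcpdump-cron.sh stop
case "${1:-}" in
    start) start_capture ;;
    stop)  stop_capture ;;
esac
```
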

Summary

The crontab can be very useful when you need to gather diagnosis data during a time you are not available (e.g. when you sleep).
With the scripts on my GitHub repository you should be able to take a tcpdump without problems.